Asymmetric encryption?

I do not see any asymmetric encryption available in the EVM? RSA? I only see SHA there. I need an asymmetric encryption for my contract. I am sure others will need it too. Please add.


P.S. Does anyone from the ethereum team even read this forum? I do not see many answers to our questions. Is there any other way to communicate with the team? I( I tried FB message, no response...)

Thank you.

Comments

  • mids106mids106 Member Posts: 188 ✭✭✭
    @AlexNa there is the special function `ECRECOVER` which allows you to verify the public key signature on a message by your contracts. Here is a little test/demo how this could be used: https://github.com/ethereum/pyethereum/blob/c347089c6aeaceea339f5d5a2d1bfa65edb438af/tests/test_contracts.py#L1189-L1210

    Not sure what you need asymmetric encryption for, but know that your contracts can't hold secrets (see https://github.com/ethereum/wiki/wiki/Problems#4-code-obfuscation) so it would be of little use.
  • AlexNaAlexNa Member Posts: 32
    Thank you for the response. By asymmetric encryption I mean ability to use private/public keys to encrypt/decrypt. One key to encrypt, another one to decrypt.

    Let's say I want to implement a voting system so people can put some votes into the blockchain. The important thing here is to hide the actual votes until the voting process is finished, so the preliminary results are not effecting the outcome. Once the voting process finished, then everybody should see and verify the votes.

    The way to do so is simple.The voting system publishes a public key, then everybody encrypt their votes with it and put into the blockchain. Until the voting is done, nobody can understand the others votes. When it is finished, the voting system publishes the private key, so now everyone can see and verify the result.

    Let's say I want to implement something like this, but when money is involved (for funding some competitive projects for example) the Ethereum system looks perfect, but I need the contracts to encrypt/decrypt using private and public keys.

  • HellRazorHellRazor BerlinMember Posts: 99 ✭✭
    @AlexNa as far as I know it is never wise to encrypt anything in a contract, because you would send the raw data to the contract and it would be visible to the network. So encrypting/signing data has to take place in your dapp via js before you send it to the network. I am not 100% sure, but I think the ecrecover function would work to verify the results in the contract after you reveal some secret.
    @mids106 hi, could you explain how this ecrecover function works?
    I am guessing the secret vote thing could work with this if everybody who votes also uses a nonce and also publishes this nonce on the contract. But unfortunately I can't find a good description on how the ecrecover function works and what parameters it takes? Or can you provide a good link for that? Plz^^
  • LarsPensjoLarsPensjo SwedenMember Posts: 35
    One purpose of using Ethereum for voting is that it is decentralized. Once the process has started, it will continue according to the contract, and no one can manipulate it directly.

    If you need a private key to decode the result, which is managed by someone outside of the contract, then the implementation is no longer fully decentralized. There is an entity you will have to trust.
  • ryepdxryepdx Member Posts: 13
    Transparency is unavoidable for anything done on the blockchain. I recognize how useful it would be to have a "black box" program running on the blockchain, but unfortunately the two concepts are inherently opposed. In order for there to be trust that the program is not simply loading a private key pre-generated by the program's creator, you'd have to have insight into exactly how the program is generating its private key. And in doing so, you would reveal the private key itself. Even using homomorphic encryption to encrypt the private key's seed wouldn't be able to help you here, AFAIK, since the seed would have to be encrypted first with a key no one party in the voting system has access to. So it just pushes the problem back a layer.

    The closest thing I can come up with off the top of my head would be to set up a layering scheme where everyone exchanges public keys and then encrypts their votes using everyone else's public keys before publishing their votes. Then, once all the votes have been published, everyone reveals their private keys. The downside to this is that the revealing is not atomic, so whoever is last to reveal would get to see how everyone else voted before everyone else does. Depending on the political situation, that could be a deal breaker for this scheme.

    Anyway, I'm sure other people have come up with much better schemes than that. There's been a lot of research done and a lot of ink spilled over cryptographic voting systems.
Sign In or Register to comment.